-
Notifications
You must be signed in to change notification settings - Fork 7
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feature Request] Change ConditionResolvers to be Able to Accept type "any" and Context to Accept "any" as Well #15
Labels
enhancement
New feature or request
Comments
For anyone in the future, I augmented them through the following method: // External Imports
import { EffectBlock, ActionBlock, ResourceBlock, NotResourceBlock, Patterns } from 'iam-policies/dist/src/types';
// Project Imports
import { conditionResolvers } from './iam/conditions';
declare module 'iam-policies' {
interface ConditionMap {
[key: string]: any;
}
type ConditionBlock = {
[key in keyof typeof conditionResolvers]?: ConditionMap;
}
interface StatementInterface {
sid?: string;
effect?: EffectBlock;
condition?: ConditionBlock;
}
type ConditionResolver = typeof conditionResolvers;
interface NotActionBlock {
notAction: Patterns;
}
type IdentityBasedType = StatementInterface & (ActionBlock | NotActionBlock) & (ResourceBlock | NotResourceBlock);
export interface Context {
[key: string]: any;
}
export interface EvaluateIdentityBasedInterface {
action: string;
resource: string;
context?: Context;
}
class IdentityBasedPolicy {
constructor(config: IdentityBasedType[], conditionResolver?: ConditionResolver);
evaluate({ action, resource, context, }: EvaluateIdentityBasedInterface): boolean;
can({ action, resource, context }: EvaluateIdentityBasedInterface): boolean;
cannot({ action, resource, context, }: EvaluateIdentityBasedInterface): boolean;
}
type PrincipalMap = {
[key in EEntityPolicyEnumPrincipal]?: EClient | EClient[] | string | string[];
}
interface PrincipalBlock {
principal: PrincipalMap | Patterns;
}
interface NotPrincipalBlock {
principal: PrincipalMap | Patterns;
}
type ResourceBasedType = StatementInterface & (PrincipalBlock | NotPrincipalBlock) & (ActionBlock | NotActionBlock) & (ResourceBlock | NotResourceBlock | {});
export interface EvaluateResourceBasedInterface extends EvaluateIdentityBasedInterface {
principal: string;
principalType?: string;
}
class ResourceBasedPolicy {
constructor(config: ResourceBasedType[], conditionResolver?: ConditionResolver);
evaluate({ principal, action, resource, principalType, context, }: EvaluateResourceBasedInterface): boolean;
can({ principal, action, resource, principalType, context, }: EvaluateResourceBasedInterface): boolean;
cannot({ principal, action, resource, principalType, context, }: EvaluateResourceBasedInterface): boolean;
}
} |
roggervalf
added a commit
that referenced
this issue
Nov 9, 2020
using Record in conditionBlock, not only allowing string, number and boolean values re #15
Hi @yaser-ali-s, sorry for the delay in address this, hope the last release could help you. Thank you for this feature request. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, the
ConditionKey
andConditionResolver
types only allow for certain types to be passed through:Since the resolvers themselves are not provided by the package, it might as well be permissible to use type
any
as the arguments, with the return type staying as boolean.That, of course, means to change type
Context
, as well, to accept any.The other option would be to augment the package, but I'm having difficulty doing that, and I'm not sure what's causing the issues.
The text was updated successfully, but these errors were encountered: